SEC504: Hacker Tools, Techniques, and Incident Handling

Unlock industry insights and hands-on learning with upcoming SANS webcasts and workshops. View archived webcasts here.
Insider threats are some of the more difficult threats to detect from both a human and technology perspective. Understanding the problem, risks, and methods to prevent insider threats is the first step in ensuring this toxic risk does not affect your organization. Join SANS Senior Instructor Heather Mahalik and BlackBerry VPs Pooja Kohli (Product Management) and Tony Lee (Global Services Technical Operations) to learn how insider threats and insider risk can be stopped before they begin by implementing AI-based behavior analytics software, such as BlackBerry Persona, to work alongside your defenders. Be among the first to receive the associated whitepaper written by Heather Mahalik.
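Title: What You Need to Know About Apple CVE-2021-30860 (FORCEDENTRY). Date and time: Friday, September 24, 11:00 AM (Japan time). Speaker: Christopher Crowley. Apple has disclosed the zero-day vulnerability CVE-2021-30860 and released updated operating systems. Prompt updates to iPhone iOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina, and Apple Watch watchOS 7.6.2 are required. Cases in which the vulnerability was actually exploited and malicious code was executed have been reported. We will explain what you should do now to protect users and information systems from this zero-day attack against iOS and macOS. We will also cover ways to check whether you are affected by this vulnerability, technical information about the vulnerability, and the threat analysis being carried out by Citizen Labs. Chris, a SANS Senior Instructor, has worked in network security and management for 15 years. He has developed numerous courses at SANS and is known as a leading authority on building SOCs. He currently works as a consultant in Washington, DC, responsible for effective computer network defense and related work. He also has professional experience in penetration testing, security operations, incident response, and forensic analysis.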
SANS Important Webcast: What you Need to Know about CVE-2021-30860 aka FORCEDENTRY. Friday, 24 Sep 2021, 9:00 AM WIB. Chris Crowley. Apple released CVE-2021-30860, stating that all iPhone iOS versions before 14.8, macOS versions before OSX Big Sur 11.6, Security Update 2021-005 Catalina, and Apple Watch before watchOS version 7.6.2 are targets currently being actively exploited. We will discuss the things you should do immediately to protect your users and information systems from this zero-day exploitation against iOS and MacOS. We will discuss the findings. We will provide indicators of what to look for to determine whether your devices have been affected by this vulnerability, limited information on the details of the vulnerability, and the threat attribution developed by Citizen Labs. Christopher Crowley, SANS Senior Instructor, has 15 years of experience managing and securing networks. He has authored many courses and is one of the experts in building effective SOCs. He currently works as an independent consultant in the Washington, DC area and focuses on developing effective computer network defense. His experience includes penetration testing, security operations, incident response, and forensic analysis.
Cloud systems are dynamic, with rapid workload changes to ensure availability, scalability, and cost optimization. Traditional security tools, such as endpoint, network, and event management, have difficulty monitoring changes and addressing vulnerabilities in cloud environments and the changing security landscape. As a result, organizations should consider updated strategies and mechanisms that are proactive, agile, and can effectively mitigate cloud security risks.
Title: “The Encryption and Password Hashing Recipe (with a little salt).” Time: Friday, 1 October 2021. Featured Speaker: Bryan Simon. In this one-hour webcast, we will give a brief introduction to the various cryptographic systems in modern use and discuss misconceptions about cryptography that lead to incorrect implementations. No discussion of modern information security would be complete without considering cloud computing, and so this presentation will close with an example of the advantages cloud computing can give us for password hashing. Bryan Simon is a SANS Principal Instructor and lead author of SEC401: Security Essentials: Network, Endpoint, and Cloud, and an internationally recognized cybersecurity expert since 1991. He currently serves as president and CEO of Xploit Security Inc, a company that provides expert advice, guidance, and actionable intelligence to all public and private sectors. Over the course of his career, Bryan has held various technical and managerial positions in the education, environmental, accounting, and financial services sectors. He regularly presents at international conferences and speaks with the press about cybersecurity. Bryan has taught students from organizations such as the FBI, NATO, and the UN on a range of cybersecurity topics across three continents.
Once you have signed up, you will need to proceed to your Account Dashboard in order to complete registration for the game.
You are entering Level Cloud Security at the SANS Cyber Solutions Fest 2021. This full-day session, led by SANS cloud expert Shaun McCullough, will explore innovative cybersecurity solutions that can help security teams adapt to cloud deployments in areas such as network security, threat intelligence, container and serverless security, and many more. The question to focus on is: what comes next in cloud security?
Attackers evolve to exploit new opportunities, including attacks against cloud systems. As defenders, we also need to evolve, developing new skills and an understanding of how attackers exploit cloud platforms, and how we should respond to these incidents.
To be effective, data protection has to be everywhere, from the server to the endpoint, at the office and at home, throughout the cloud and across the web. A company's system must be able to detect data leakage from any path, quickly apply real-time data protection policies, automate incident workflows, and alert the IT team as needed for further investigation. Having an effective understanding of how and where a company's data is stored is essential when trying to protect it. Data stored across multiple devices and cloud services needs to be discovered and categorized according to sensitivity and accessibility. The data that a company creates, collects, stores, and exchanges is a valuable asset. Safeguarding it from corruption and unauthorized access by internal or external people protects a company from financial loss, reputation damage, consumer confidence breakdown, and brand erosion. Furthermore, government and industry regulations around data security make it imperative that a company achieve and maintain compliance with these rules wherever it does business.
Application security is quickly becoming a concern for many organizations, yet relatively few resources are spent preventing the application-specific security bugs that create dangerous vulnerabilities. Effectively reducing human risk across the organization requires dedicated training paths to teach the entire team involved in your development cycles.
Ransomware attacks have become some of the most prolific and public intrusions over recent years. Within a matter of hours, organizations can go from normal operations to having an inoperable network and being extorted for tens of millions of dollars. On this webcast, SANS instructor and author Matt Bromiley, as well as sponsor representatives, will share their thoughts on modern detection and response techniques for ransomware breaches.
Maintaining trust in a network has become an enormous challenge due to an increasingly sophisticated cyber threat landscape, an expanding digital infrastructure, a mushrooming cybersecurity skills gap, and an increased need to secure remote work. In addition, the growing remote workforce needs to access both cloud-based and on-premises infrastructures. Zero trust network access needs to include controls and policies for network segmentation, endpoint security, and identity and access management, and lead the way into a modern extended detection and response (XDR) model of security operations as well.